Supervising user interaction with online services

ABSTRACT

A report card provides a supervisor or master account holder (e.g., a parent) with information about the activities of an individual or sub-account user (e.g., a child). For example, the report card may include a list of the sites (e.g., content identifiers and/or uniform resource locators) that an individual has visited or attempted to visit. Other information (e.g., e-mail and address book activity and instant messaging and contact list activity) also may be provided in addition to tools that allow the master account holder to access information about the activities and to adjust parental controls for the activities.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of, and claims priority to, U.S.patent application Ser. No. 10/330,561 entitled “Supervising UserInteraction With Online Services,” which was filed on Dec. 30, 2002. Thedisclosure of the above application is incorporated by reference in itsentirety.

TECHNICAL FIELD

The following description relates generally to the supervision of userinteraction with online services.

BACKGROUND

The Internet is a global network that may be used to access informationthat is directed to many different topics. For example, information maybe accessed regarding religions, cultures, ideologies, and lifestyles,some of which may be considered offensive to certain individuals. Inaddition, Internet accessible information may be considered graphic,violent, harmful, illegal, or sexual, and, therefore, inappropriate forcertain users. As such, parents and/or guardians may wish to regulateaccess to information made available to online users under theirsupervision.

The Internet also provides various communications techniques, such asinstant messaging, e-mail, and chat rooms that provide an easy medium tocontact any number of individuals, entities, or organizations throughoutthe world. Parents and/or guardians may wish to regulate suchcommunications.

Various mechanisms, such as parental controls, have been developed toregulate access to information and communications available from theInternet and online service providers. However, new methods andtechnology continue to be developed to supplement traditional mechanismsfor regulating access to information and communications.

SUMMARY

In one general aspect, a guardian system includes an interface toreceive data related to activities of a first account; a guardian hostto collect the first account activity data and to generate a report cardbased on the collected first account activity data; and an interface toprovide access to the report card to a second account that is associatedwith the first account and that exercises some control over the firstaccount.

The report card may include one or more windows to display activitylists indicating the online activity on a host network by the firstaccount. The report card indicates online activity, such as web accessactivity, instant messaging activity, and e-mail activity by the firstaccount.

The report card may include a web access window including an activitylist having one or more identifiers associated with web sites that wereaccessed by the first account, with one or more of the identifiers beingselectable to enable viewing of a web sites associated with a selectedidentifier. The web access window may include an input to enable theguardian host to block future access by the first account to one or moreweb sites associated with the identifiers on the activity list.

The report card may include an attempted access window including anactivity list having one or more identifiers associated with web sitesthat the first account attempted to access, with one or more of theidentifiers being selectable to enable viewing of a web sites associatedwith the identifiers on the activity list. The attempted access windowincludes identifiers of web sites for which access was attempted by anddenied to the first account, and an input receiving interface by whichthe second account may enable the first account to access the one ormore web sites.

The report card may include an instant messaging window includinginformation regarding instant massage activity associated with the firstaccount. The instant messaging window includes an input to enable accessto a contact list associated with the first account. The informationincludes an indication of changes to a contact list and identificationsof one or more identities that received an instant message from thefirst account or sent an instant message to the first account.

The report card window may include an e-mail window includinginformation regarding e-mail activity associated with the first account.The e-mail window includes an input interface to enable access to a useraddress book associated with the first account. The information includesan indication of changes to an address book associated with the firstaccount and identification of one or more identities that receivede-mail from the first account or sent e-mail to the first account.

The report card may include a parental controls window listing one ormore services for which parental controls are applied and an indicationof the level of access by the first account to the services. Theparental controls window includes an input to edit parental controlsettings associated with the first account.

Other features will be apparent from the description, the drawings, andthe claims.

DESCRIPTION OF DRAWINGS

FIG. 1 is a block diagram of an exemplary system for supervising userinteraction with online services.

FIG. 2 shows an exemplary graphical user interface that may be used inthe system of FIG. 1 and includes options for supervising userinteraction with online services.

FIG. 3 shows an exemplary graphical user interface for a report cardthat may be provided by the system of FIG. 1.

FIG. 4 shows an exemplary graphical user interface for a user contactlist that may be accessed using the report card and the system of FIG.1.

FIG. 5 shows an exemplary graphical user interface for an address bookthat may be accessed using the report card and the system of FIG. 1.

FIG. 6 shows an exemplary graphical user interface that may be used inthe system of FIG. 1 to provide online services.

Like reference symbols in the various drawings indicate like elements.

DETAILED DESCRIPTION

As described above, a parent or guardian may wish to closely supervise achild's online activities. However, many parents are not able to closelymonitor their children at all times. Although filters and servicesprovide some restriction on activities, these systems are not meant toreplace entirely a parent's supervision. The guardian system and methodsprovide an additional tool for a parent or other entity to monitor andsupervise a user's online activities.

In one implementation, a report card provides a supervisor or masteraccount holder (e.g., a parent) with information about the activities ofan individual or sub-account user (e.g., a child). For example, thereport card may include a list of the sites (e.g., content identifiersand/or uniform resource locators) that an individual has visited orattempted to visit. Other information (e.g., e-mail and address bookactivity and instant messaging and contact list activity) also may beprovided in addition to tools that allow the master account holder toaccess information about the activities. The report card andcorresponding systems and methods are described in greater detail below.

As shown by the exemplary implementation illustrated FIG. 1, acommunications system 100 may include a number of networks (e.g., a hostnetwork 103, an intranet 105, and the Internet 107) that provide networkonline services, content, and resources to one or more client devices110 and their users. Using communications paths 115, the client devices110 may connect to the host network 103 directly, or the client devices110 may connect to the host network 103 indirectly through the intranet105 or the Internet 107. Once connected, the client devices 110 provideaccess to services and content provided by the host network 103.

The host network 103 may be implemented using any number of componentsand/or network devices (e.g., hubs, routers, switches, servers,repeaters, storage devices, communications interfaces, processors, andvarious communications media) to establish a local area network (LAN), awide area network (WAN), a switched network, a radio network, a cablenetwork, a satellite network, or a combination of two more of thesenetworks.

In particular, the host network 103 may include one or more host devicesor systems to provide access to the devices, services, and resources ofthe host network 103. The host devices may include one or more of alogin host 120, an instant message host 125, an e-mail host 126, aprofile complex 127, a database 129, a host complex 130, a parentalcontrol host 135, and a guardian host 140. The hosts may provide one ormore online services, such as web access, searching, personalized webpages, e-mail, instant messaging, chatting, shopping, and parentalcontrols.

The host devices and systems may exchange or access data using a hostnetwork communications structure 145 that may include communicationsmedia, servers, routers, switches, processors, storage, interfaces, andgateways (e.g., for conversion of protocols between host devices, ifnecessary).

The client devices 110 may be operated by one or more users to accessthe host network 103 and its services. An example of a client device 110is a general-purpose computer capable of responding to and executinginstructions in a defined manner. Client devices 110 also may include aspecial-purpose computer, a personal computer (“PC”), a workstation, aserver, a laptop, a Web-enabled phone, a Web-enabled personal digitalassistant (“PDA”), an interactive television set, a set top box, anon-board (i.e., vehicle-mounted) computer, or a combination of one ormore these devices capable of responding to, generating, and/orexecuting instructions. The client device 110 may include any number ofother devices, components, and/or peripherals, such as memory/storagedevices, input devices, output devices, user interfaces, and/orcommunications interfaces.

The client device 110 also may include one or more software applications(e.g., an operating system, a browser application, a microbrowserapplication, a server application, a proxy application, a gatewayapplication, a tunneling application, an e-mail application, an IMclient application, an online service provider client application,and/or an interactive television client application) loaded on theclient device 110 to command and direct the client device 110.Applications may include a computer program, a piece of code, aninstruction, or some combination thereof, for independently orcollectively instructing the client device 110 to interact and operateas desired.

The applications may be embodied permanently or temporarily in any typeof machine, component, physical or virtual equipment, storage medium, orpropagated signal wave capable of providing instructions to the clientdevice 110. In particular, the applications may be stored on a storagemedium or device (e.g., a read only memory (ROM), a random access memory(RAM), a volatile/non-volatile memory, or a magnetic disk readable bythe client device 110, such that if the storage medium or device is readby the client device 110, the specified steps or instructions areperformed.

The client device 110 also includes one or more communicationsinterfaces that allow the client device to send and receive informationusing the communications paths 115.

The communications paths 115 may be configured to send and receivesignals (e.g., electrical, electromagnetic, or optical) that convey orcarry data streams representing various types of analog and/or digitalcontent. For example, the communications paths 115 may be implementedusing various communications media and one or more networks comprisingone or more network devices (e.g., servers, routers, switches, hubs,repeaters, and storage devices). The one or more networks may include aWAN, a LAN, a plain old telephone service (POTS) network, a digitalsubscriber line (DSL) network, an integrated services digital network(ISDN), a synchronous optical network (SONNET), or a combination of twoor more of these networks. In addition, the communications paths 115 mayinclude one or more wireless links that transmit and receiveelectromagnetic signals, such as, for example, radio, infrared, andmicrowave signals, to convey information.

The client device 110 may establish a connection (through acommunications path 115) to a login host 120. The login host 120 mayinclude one or more servers, processors, and other communications mediato provide access to the host network 103 using an ISP client and/or abrowser application. The login host 120 may determine whether aparticular user of a client device 110 is authorized to access the hostnetwork 103 (e.g., by verifying a user identification and a password).If the user is authorized to access the host network 103, the login host120 may facilitate establishing communications between the client device110 and the host network devices corresponding to any services desiredby the user.

Once communications with the host network 103 have been established, theclient device 110 may directly or indirectly transmit data to and accesscontent and services from the hosts. For example, the client device 110may establish a connection with the host complex 130 to browse theInternet; access web pages; shop online; get customized news, weather,and stock quotes; and search the World Wide Web.

The host network 103 includes one or more user profile complexes 127connected to a database 129 to store user profile data. The user profilecomplex 127 may include one or more user profile servers and otherdevices allowing the entering, retrieving, editing, manipulating, orotherwise processing of user profile data. In one implementation, userprofile data may include a user contact list, an address book,identified interests, a geographic location, a type of account, anddemographic information. The user may use a client application or abrowser on the client device 110 to interact with the user profileserver and perform various functions if authorized (e.g., enter, editand/or delete profile data).

The user profile data also may be stored by the client device 110. Forexample, a storage medium associated with the client device 110 maystore user account information, a contact list, and/or an address book.In one implementation, the user profile data stored by the client device110 may be provided to the host network 103 when needed (e.g., atspecified times or upon request). In another implementation, the userprofile data may be stored by both the client device 110 and the hostnetwork 103 and periodically synchronized (e.g., at logon, logoff, orwhen appropriate).

If the user profile data is stored by the host network 103, the userdoes not have to reenter or update such information in the event thatthe user accesses the host network 103 using a new or a different clientdevice 110. Accordingly, when a user accesses the host network 103, thelogin host 120 can instruct the user profile complex 127 to retrieve theuser profile data from the database 129 and to provide, for example,user data to a host as needed.

A user may establish an account to gain access to the host network 103.The account may be a general account, a master account, or asub-account. A master account may be associated with or linked to one ormore sub-accounts and may exercise at least some control over thesub-accounts. In one implementation, the master account also may createone or more associated sub-accounts. In another implementation, themaster account may be associated with or linked to one or more existingsub-accounts. An identifier, (e.g., a screen name) may be associatedwith each sub-account and stored with the user profile data. Forexample, a master account holder may create a sub-account and a screenname for a child that is used as the child's online identity tocommunicate with others through chat, message boards, instant messagenotes, and games. The screen name also may be used to create an e-mailaddress.

As previously described, it may be desirable to restrict access bycertain users (e.g., children) to content and services provided by ormade available through the host network 103. A master account holder maycommunicate with the parental control host 135 to establish a contentadvisor for any of the sub-accounts associated with the master account.The content advisor may be used to filter out content and onlineservices that are not suitable for an expected user of the sub-account.

The master account holder may adjust the level of content exposureaccording to the age and maturity of the sub-account user. The masteraccount holder also may set limits on specific activities within whichthe sub-account user may participate (e.g., chats, instant messages,e-mail, newsgroups, and file downloads).

When a screen name is created for a sub-account, a basic parentalcontrols category may be selected by the master account holder. Eachcategory has predefined limits or constraints associated with onlineservices (e.g., e-mail, instant messaging, Web content access, and/orchat) provided by the host network 103. The categories help to determinethe general level of access to these services by the sub-account user.For example, parental controls categories may include kids only, youngteen, and mature teen.

Kids only may refer to children ages 12 and under, and may be used torestrict children's access to certain services and content of hostnetwork 103 and the Internet 107. Young teens may refer to children ages13-15, and may be used provide more freedom than the kids only categorywhile preventing full access to content or services. Mature teen mayrefer to children ages 16-17, and may be used to allow the most freedomof all the categories. Mature Teens may access all services and contenton the host network 103 and the Internet 107, except certain sitesrestricted to an adult (18+) audience. The categories associated with asub-account may be changed and/or customized at any time by the masteraccount holder.

After creating a sub-account, choosing an associated screen name, andselecting a basic parental controls category, the master account holdermay customize the sub-accounts access to specific online servicesprovided by the host network 103. For example, parental controls enablethe master account holder to determine who can and cannot send e-mail tothe sub-account. For additional control, a second screen name may beassociated with the sub-account that may be used only for chat (e.g.,blocking all e-mail to the second screen name so that a child will notreceive unsolicited commercial e-mail (“spam”) after chatting online).

The parental controls also may be used to set up a guardian serviceprovided by the guardian host 140. The guardian service monitors andprovides a record of the sub-account's online activity. A report cardmay be provided or made accessible to the master account holder for eachsub-account, as explained in detail below.

The guardian host 140 may include one or more servers, storage, andcommunications infrastructure to monitor the activities of one or moresub-account users while online, to collect data associated with thesub-account online activity, and to provide an interface for interactiveguardian services provided to the master account holder.

At the end of a sub-account's session (or at a designated time asexplained below), the collected data may be reported to the masteraccount holder. For example, a guardian host communications server maydeliver the collected data to the master account holder (e.g., to ane-mail address associated with the master account). In anotherimplementation, the collected data may be made accessible to the masteraccount holder so that the master account holder may access and viewcollected data (e.g., using a link proved by the browser or ISP clientapplications).

The collected data may be provided as a report card of the sub-accountactivities. The report card may be used by the master account holder todetermine the sub-account's online activities and to set, control,adjust, and fine-tune parental controls associated with the sub-account.The report card also may be used by the master account holder torecognize and to enable access to different or previously-restrictedonline services provided by the host network 103.

When the master account holder sets parental controls for a sub-account,the master account holder is given the option to activate the guardianservice. For example, as shown in FIG. 2, the master account holder maybe presented with a guardian control window 200 for a sub-account.

The window 200 includes a list 205 of activities/services (e.g., allactivity, e-mail, address book, chat, instant messaging, contact list,web sites/web activity) that may be monitored for the sub-account. Eachof the activities and/or services may have an associated input 210(e.g., a check box) that may be selected by the master account holderusing the client device 110 to activate monitoring of the associatedactivity. In addition, inputs (e.g., virtual buttons 220 and 230) may beused to save the guardian settings or cancel the window (e.g., if theguardian service is not wanted or if the current settings aresatisfactory). An indication of each monitored activity and/or servicemay be stored in the user profile associated with the sub-account.

Thereafter, when a sub-account accesses the host network 103, the loginhost 120 checks the user profile to determine whether the guardianservice is activated. If activated, the login host 120 notifies theguardian host 140, and the guardian host 140 accesses the user profileto determine which activities/services are selected to be monitored.

The guardian host 140 may collect data regarding the sub-account'sactivities by monitoring the activities of the sub-account or theservices requested by the sub-account. The guardian host 140 uses thecollected activity data to create a report card for the sub-account.

In one implementation, the guardian host 140 contacts any network hostsassociated with the monitored activities/services to send reports of theactivities of the sub-account to the guardian host 140. The designatedhosts report the sub-account's activities to the guardian host 140. Theguardian host 140 collects the reported activity.

In another implementation, a token, a flag, metadata or anotheridentifier may be associated with the sub-account or sub-accountidentifier to indicate that the guardian service has been activated forthe sub-account. As a result, any host device servicing the sub-accountmay determine the presence of the identifier and report to the guardianhost 140 the activities provided to the sub-account.

The report card may include a description of one or more activities ofthe sub-account while the sub-account is connected to the host network103. For example, the report card may include web sites or onlineresources that were successfully accessed, web sites or online resourcesfor which access was attempted but denied, the number of times aspecific web sites or online resource was visited or attempted to beaccessed, an indication of additions and deletions that were made to thesub-account's contact list and address book, the ability for the masteraccount holder to review a current copy of any sub-account's contactlist and address book, how much time the sub-account spent online orvisiting one or more web sites, the time of online usage orvisitation/attempted access of particular web sites or online resources,and current administrative (e.g., parental controls) settings for thesub-account. The report card also may include an interface or tool thatallows a master account holder to adjust parental control settingsand/or obtain additional information regarding the sub-accountactivities, as described in detail below.

The guardian host 140 may provide the report card to the master accountholder using a communications format compatible with the communicationsapplications of the client device 110 of the master account holder. Forexample, the report card may be sent to an e-mail address associatedwith the master account. The guardian host 140 also may notify themaster account holder that the report card is accessible, and the masteraccount holder may access the report card using the client device andthe browser or the ISP applications. In another implementation, thereport card may be stored on the host network 103 and updated by theguardian host 140. In this case, the master account holder may accessthe report card whenever the master account holder is connected to thehost network 103. Notification or delivery of the report card typicallyis provided on a periodic basis. For example, the report card may besent when a monitored sub-account user logs off, when storage/memorysaving the collected data associated with a sub-account is full, or atspecified times (e.g., hourly, daily, weekly, and monthly). As aprecaution, the guardian host 140 may send a notification (e.g., ane-mail) to the master account holder if the guardian service isdeactivated, and the master account holder may verify that the guardianservice should be deactivated. This process of notification andverification may be used to minimize or avoid accidental or unintendeddisruption of the guardian service.

In addition to the report card, the guardian host 140 may provide anonline link to a history of activity for a corresponding sub-account.The history may be accessed by the master account when linked to thehost network 103. The history may provide access to any of the datacollected by the guardian host 140 for the sub-account and report cardover a period of time (such as, e.g., a week, a month, and/or a year).The collected data may be organized (e.g., by date and/or category) toaid viewing by the master account. The history also may be downloaded tothe client device 110 of the master account holder.

In another implementation, a separate report host may used to generateand provide the report card to the master account. In thisimplementation, the report host receives the collected data from theguardian host and creates the report card and history. The report hostalso may provide access to and/or deliver the report card to the masteraccount. The report host also may provide a link for access to thesub-account's history.

FIG. 3 shows an exemplary graphical user interface 300 for a report cardassociated with a sub-account. The report card may include a sub-accountidentifier 301 (e.g., a screen name), session information 302 (e.g., adate and a time range), a duration of session 303, one or more activitywindows (e.g., a web sites successfully visited window 310, a website-attempted-visits window 320, an IM-and-contact-list activity window330, and an e-mail-and-address-book-activity window 340) and aparental-controls window 350.

The web sites successfully-visited-window 310 includes a list 360 of websites visited by a sub-account holder. For example, the list 360 mayinclude one or more uniform resources locators (URLs) with correspondinghyperlinks. Selecting a URL causes a browser of the client device 110 toaccess the site associated with the selected URL so that the masteraccount holder may view the site and determine if the site isappropriate for the sub-account user. The number of visits to a site maybe associated with each listed URL.

A report-a-site virtual button 367 or other input is provided. Selectingthe report-a-site virtual button 367 allows the master account holder toreport to the guardian host 140 a site that was accessed by thesub-account and to which the master account holder wishes to restrictaccess by the sub-account in the future. The guardian host 140 may useany sites reported by the master account holder to update a list ofsites to which the sub-account should be denied access. The guardianhost 140 also may notify the parental controls host 135 about thereported site so that the site may be evaluated with regard to parentalcontrols of other sub-accounts associated with the master account, orwith regard to parent controls generally (e.g., access to the identifiedsite may be denied for teens if a threshold number of the master accountholders indicate the site as inappropriate for their teen sub-accounts).

The web site-attempted-visits window 320 includes a list 370 of websites that a sub-account user has attempted to visit. For example, thelist 370 may include one or more URLs with corresponding hyperlinks.Selecting a URL causes a browser of the client device 110 to access thesite associated with the URL so that the master account holder may viewthe site and determine if the site is appropriate for the sub-accountuser. The number of attempts to visit a site may be associated with eachlisted URL.

A recommend-a-site virtual button 371 or other input also may beprovided. Selecting the recommend-a-site virtual button 352 allows themaster account holder to recommend to the guardian host 140 a site forwhich access was denied to the sub-account and that master accountholder wishes to allow the sub-account to access in the future. Theguardian host 140 may use any recommended sites to update a list ofsites for which access is permitted by the sub-account or to remove thesite from a list of restricted sites. The guardian host 140 also maynotify the parental controls host 135 about the recommended site so thatthe site may be evaluated by the parental controls host 135 with regardto other sub-accounts associated with the master account, or with regardto parent controls generally (e.g., access to the identified site may beallowed for kids only if a threshold number of the master accountholders indicate the site as appropriate for their kids onlysub-accounts).

The IM-and-contact-list-activity window 330 includes a list 375 ofinformation about the instant messaging activity of the sub-account. Forexample, the list 375 may include the number of users on the contactlist who were contacted, the number of users contacted who are not onthe contact list, and whether changes were made to the contact list. Inaddition, the list 375 may include the screen names of those contactedand/or added to the contact list.

A view-contact-list-virtual button 377 (identified with “View BuddyList” in FIG. 3) or other input also may be provided. Selecting the viewcontact list virtual button 377 causes the browser of the client device110 to display a window (e.g., as shown in FIG. 4 and described below)with a list of the contacts for the sub-account.

The e-mail-and-address-book-activity window 340 includes a list 380 ofinformation about the e-mail of the sub-account. For example, the list380 may include the number of people with which the sub-accountinteracted and whether changes were made to the address book. Inaddition, the list may include the e-mail address, name or identifier ofany user that was a recipient of e-mail from the sub-account, that was asender of e-mail to the sub-account, and/or that was added to theaddress book.

A view address book virtual button 381 also may be provided. Selectingthe view address book virtual button 381 causes the browser of theclient device 110 to display a window (e.g., as shown in FIG. 5 anddescribed below) with a list of the contacts in the address book of thesub-account.

The parental-controls window 350 may include the sub-account identifierto which the parental controls are applied. A list 390 includes iconsrepresenting the different online services for which parental controlsare applied. For example, in the illustrated example, the list 390includes icons for web browsing, instant messaging, e-mail, chat, anonline timer, and AOL guardian. A corresponding visual indication, forexample, a bar graph 391, indicates the level of access (e.g., full,intermediate, or no access) for one or more of the online servicesassociated with the sub-account. A virtual button 393 or other input isprovided to permit editing of parental controls. Selecting the virtualbutton 393 causes the browser of the client device 110 to access aparental controls interface provided by the parental controls host 135,so as to allow the master account holder to edit the parental controlsof the sub-account.

FIG. 4 shows an exemplary graphical user interface 400 for a sub-accountcontact list 410. The contact list 410 is presented to the masteraccount holder in response to selecting the view-contact-list virtualbutton 377.

The contact list 410 may be divided into contact groups. In addition,those names or identifiers that have been changed or added may beindicated using color, shading, highlighting, or some other visualidentification, or by placing the names into a separate group. Forexample, deleted names may be transparent or struck through, and addednames may be bolded or highlighted. The master account holder may selectany name to remove the name from the contact list or to block access tothe sub-account by the identity associated with the name. A closevirtual button 460 or other input may be included to close the interface400.

FIG. 5 shows an exemplary graphical user interface 500 for an addressbook 510 of a sub-account. The address book 510 may be presented to themaster account holder in response to selecting the view-address-bookvirtual button 381. The address book 510 may be divided into groups(e.g., Family, Company, Co-workers). Identifiers and any correspondinge-mail addresses may be provided. In addition, those names, identifiers,or e-mail addresses that have been changed or added may be indicatedusing color, shading, highlighting, or some other visual identification,or by placing the names into a separate group. For example, deletednames may be transparent or struck through, and added names may bebolded or highlighted. The master account holder may select any name toremove the name from the address book or to block access by the entityassociated with the name to the sub-account. A close virtual button 560may be included to close the interface 500.

FIG. 6 is a graphical user interface 600 that the host network 103provides to the client device 110 to access online services provided bythe host network 103. The interface may include various tool bars,menus, and windows to provide information to a user and to provideinputs for controlling the interface. In particular, the user interfacemay include an indication 620 (e.g., a title section of a window) thatthe guardian service has been activated for the account accessing thegraphical user interface. In addition, an indication 630 (e.g., awindow) that the master account receives a report that outlines theactivity for the sub-account's session also may be provided.

A number of exemplary implementations have been described. Nevertheless,it will be understood that various modifications may be made. Forexample, suitable results may be achieved if the steps of describedtechniques are performed in a different order and/or if components in adescribed system, architecture, device, or circuit are combined in adifferent manner and/or replaced or supplemented by other components.Accordingly, other implementations are within the scope of the followingclaims.

What is claimed is:
 1. A system for monitoring online activities of asub-account user over which a master account holder exercises control,comprising: a first system, including a first processor that collectsactivity data regarding online activities of the a sub-account user andgenerates an online report based on the activity data, wherein theonline report includes one or more inputs for the a master accountholder to provide an access recommendation for a web site; and a secondsystem, including a second processor that automatically denies access bythe sub-account user to the web site when a number of negativerecommendations provided by other master account holders for the website exceeds a predetermined threshold.
 2. The system of claim 1,wherein the online report includes one or more windows that display oneor more activity lists indicating online activity on a host network bythe sub-account user.
 3. The system of claim 1, wherein the sub-accountuser is one of a plurality of users of the sub-account.
 4. The system ofclaim 1, wherein profile data for the sub-account user is stored on aclient device, and wherein the client device provides the profile datato the first system.
 5. The system of claim 1, wherein the sub-accountuser is one of a plurality of sub-account users controlled by the masteraccount holder.
 6. The method system of claim 1, wherein collectingactivity data includes collecting data in response to the online accountattempting to access web content.
 7. A guardian system comprising: ahost computer that collects activity data regarding activities of asub-account user over which a master account holder exercises controland generates a report card based on the collected sub-account activitydata, wherein activity data includes data generated in response to anattempt to access web content; and an interface that electronicallyprovides access by the master account holder to the report card, whereinthe report card includes an input by which the master account holderrecommends granting access to a web site; and the host computer grantingaccess to the web site when a number of recommendations by other masteraccount holders for the web site exceeds a predetermined threshold. 8.The system of claim 7, wherein the report card includes one or morewindows that display one or more activity lists indicating onlineactivity on a host network by the sub-account user.
 9. The system ofclaim 8, wherein the sub-account is utilized by other users in additionto the sub-account user.
 10. The system of claim 8, wherein profile datafor the sub-account is stored on a client device, and wherein the clientdevice provides the profile data to the host computer.
 11. The system ofclaim 8, wherein the sub-account is one of a plurality of sub-accountscontrolled by the master account.
 12. An online reporting A systemcomprising: a memory device; and at least one processor that performstasks including: collecting activity data regarding Internet activitiesassociated with an online account, storing the activity data in thememory device, and generating a report reflecting the Internetactivities associated with the online account based on the activitydata, wherein the report includes data identifying a web site that theonline account requested access and a link that allows a user to accessthe identified web site, and wherein the report further includes aninput by which the master account holder recommends granting access to aweb site; and the host computer granting access to the web site when anumber of recommendations by other master account holders for the website exceeds a predetermined threshold.
 13. The online reporting systemof claim 12, wherein online account is utilized by more than one user.14. The online reporting system of claim 12, wherein profile data forthe online account is stored on a client device, and wherein theprocessor receives the profile data from the client device.
 15. Theonline reporting system of claim 12, wherein the online account is asub-account of a master account.
 16. The method system of claim 12,wherein collecting the activity data includes collecting data related toweb content accessed by a user of the online account.
 17. The methodsystem of claim 12, wherein collecting activity data includes collectingdata corresponding to an attempt by the online account to access webcontent.
 18. The system of claim 12, wherein the report includes acontrols window listing one or more services for which monitoringcontrols are applied and an indication of a level of access by theonline account to the one or more services.
 19. The system of claim 12,wherein the controls window includes an input to allow editing of one ormore control settings associated with the online account.
 20. The systemof claim 1, wherein the activity data regarding online activities of asub-account user includes data regarding contact list activity.
 21. Thesystem of claim 1, wherein the activity data regarding online activitiesof a sub-account user includes messaging activity.
 22. The system ofclaim 7, wherein the activity data further includes data regardingcontact list activity.
 23. The system of claim 12, wherein the reportfurther includes information regarding contact list activity.
 24. Amethod comprising: monitoring online activities associated with a firstuser of an online account to collect activity data associated with theonline account, the activity data including contact list activity data;generating, using at least one processor of at least one computingdevice, a report reflecting information associated with the collectedactivity data including information associated with the contact listactivity data, wherein the report indicates web sites where access isgranted or restricted for the first user based on a threshold number ofrecommendations by multiple master account holders, and includes alisting of second users that have interacted with the first user andthat are not on a contact list associated with the first user; providingthe report to a master account holder associated with the first user ofthe online account; and providing one or more controls, using the atleast one processor, for the master account holder to restrict theonline activities of the first user of the online account.
 25. Themethod of claim 24, wherein the online account is a sub-accountassociated with an account of the master account holder.
 26. The methodof claim 24, wherein the first user is a child of the master accountholder.
 27. The method of claim 24, wherein the master account holderreport includes a controls window listing one or more services for whichmonitoring controls are applied and an indication of a level of accessby the online account to the one or more services.
 28. The method ofclaim 27, wherein the controls window further includes an option forselection among a plurality of predefined levels of user restrictionthat may be applied to the online account.
 29. The method of claim 24,wherein the report identifies one or more contacts with which the firstuser has interacted.
 30. The method of claim 24, wherein the reportidentifies one or more changes to a contact list associated with thefirst user.
 31. The method of claim 24, wherein the one or more controlsincludes a control for removing a particular contact from a contact listassociated with the first user.
 32. The method of claim 24, wherein theone or more controls includes a control for blocking access by aparticular contact to the online account of the first user.
 33. Themethod of claim 24, wherein the listing is a first listing, and whereinthe report includes a second listing of users that the first user hascontacted through the online account or that have contacted the firstuser through the online account.
 34. The method of claim 24, furthercomprising enabling the master account holder to access informationassociated with users that have interacted with the first user.
 35. Themethod of claim 24, wherein the contact list activity data comprisesmessaging activity data.